From 756ef0c353a8bdda8a92ab26ce4629c7b158234a Mon Sep 17 00:00:00 2001
From: Serge Hallyn <serge.hallyn@ubuntu.com>
Date: Mon, 15 May 2017 13:05:31 +0200
Subject: [PATCH] storage: use 0711 as the default perms for dirs

There should be no need to make dir based pools world/group readable.
So use 0711, not 0755, as the default perms for storage dirs.

Updates in v2:
 - adapt commit wording to mention dropping group readable as well

Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
---
 docs/formatstorage.html.in | 2 +-
 src/storage/storage_util.h | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/docs/formatstorage.html.in b/docs/formatstorage.html.in
index 225e190002..4946ddf708 100644
--- a/docs/formatstorage.html.in
+++ b/docs/formatstorage.html.in
@@ -444,7 +444,7 @@
         namespace. It provides information about the permissions to use for the
         final directory when the pool is built. There are 4 child elements.
         The <code>mode</code> element contains the octal permission set.
-        The <code>mode</code> defaults to 0755 when not provided.
+        The <code>mode</code> defaults to 0711 when not provided.
         The <code>owner</code> element contains the numeric user ID.
         The <code>group</code> element contains the numeric group ID.
         If <code>owner</code> or <code>group</code> aren't specified when
diff --git a/src/storage/storage_util.h b/src/storage/storage_util.h
index a05c35d81b..6f2a1b189e 100644
--- a/src/storage/storage_util.h
+++ b/src/storage/storage_util.h
@@ -138,7 +138,7 @@ int virStorageBackendVolOpen(const char *path, struct stat *sb,
     ATTRIBUTE_RETURN_CHECK
     ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2);
 
-# define VIR_STORAGE_DEFAULT_POOL_PERM_MODE 0755
+# define VIR_STORAGE_DEFAULT_POOL_PERM_MODE 0711
 # define VIR_STORAGE_DEFAULT_VOL_PERM_MODE  0600
 
 int virStorageBackendUpdateVolInfo(virStorageVolDefPtr vol,
-- 
GitLab